skill-sanitizer
Fail
Audited by Snyk on Feb 16, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.80). The skill instructs the agent to extract and report URLs, code blocks, environment variables and POST bodies from inspected skill files but does not require redaction, so any hardcoded API keys or secrets present in the scanned skill would likely be included verbatim in the generated report.
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 1.00). These URLs are highly suspicious: multiple domains are attacker-themed or unknown, and they include a direct shell installer (https://setup.evil/install.sh) as well as clear data-exfiltration endpoints (collector/collect/analytics), all of which are strong indicators of malicious distribution or credential/secret exfiltration. Only api.picaos.com appears benign.
Audit Metadata